clawdie/hermes-bsd
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2
hermes-bsd/gateway/platforms
History
teknium1 2982122be7 fix(gateway): deliver $HOME deliverables on root-run gateways 
Root-run gateways have $HOME=/root, which is on the MEDIA system-path
denylist, so the gateway silently dropped agent-generated deliverables
under /root (e.g. /root/work/proposal.docx) — the user got a 'here is
your file' reply with nothing attached.

_path_under_denied_prefix now treats the running user's own home as
deliverable: the home tree itself is no longer denied, while the
more-specific denied paths inside it (~/.ssh, ~/.aws, ~/.hermes/.env,
auth.json, config.yaml) stay blocked because they are separate denylist
entries. The exception only matches when the denied prefix IS $HOME, so
a non-root gateway still can't deliver another user's home.

Diagnosis, reproduction, and the failing-case analysis are from
@GodsBoy (#38108 / #38106). Implemented here as the minimal denylist
fix rather than a staging/copy subsystem.

Co-authored-by: GodsBoy <dhuysamen@gmail.com>
2026-06-04 07:50:22 -07:00
..
qqbot fix(gateway): trust adapter-owned access policy over env default-deny (#34515) 2026-05-29 04:22:41 -07:00
__init__.py
_http_client_limits.py
ADDING_A_PLATFORM.md
api_server.py fix(api-server): guard json.loads against corrupted SQLite data in response cache 2026-06-04 06:15:29 -07:00
base.py fix(gateway): deliver $HOME deliverables on root-run gateways 2026-06-04 07:50:22 -07:00
bluebubbles.py refactor(bluebubbles): simplify mention-gating helpers 2026-06-01 18:52:05 -07:00
dingtalk.py fix(dingtalk): finalize open streaming cards before disconnect 2026-05-23 20:48:56 -07:00
email.py
feishu.py feat(gateway): handle Feishu meeting invitations 2026-06-04 06:15:23 -07:00
feishu_comment.py
feishu_comment_rules.py
feishu_meeting_invite.py refactor(feishu): slim meeting-invite parser; add AUTHOR_MAP entry 2026-06-04 06:15:23 -07:00
helpers.py fix(gateway): preserve underscores in plain-text identifiers 2026-05-16 23:11:43 -07:00
homeassistant.py
matrix.py fix(matrix): make bang-command resolution robust + fix dead skill-command branch 2026-06-03 17:19:27 +05:30
msgraph_webhook.py fix(security): require source CIDR allowlisting for public msgraph webhook binds 2026-05-28 01:26:18 -07:00
signal.py Add Hermes desktop app (#20059) 2026-05-31 17:46:56 -05:00
signal_rate_limit.py
slack.py Add Hermes desktop app (#20059) 2026-05-31 17:46:56 -05:00
sms.py
telegram.py feat(gateway): structured stream-event protocol + Telegram draft formatting parity (#37250) 2026-06-02 00:33:50 -07:00
telegram_network.py fix(telegram): reset sticky fallback IP on connect failure, retry primary DNS 2026-05-18 22:14:45 -07:00
webhook.py feat(dashboard): complete admin panel — MCP catalog, enable/disable toggles, hook creation, system stats (#36736) 2026-06-02 00:16:11 -04:00
wecom.py fix(gateway): honor WECOM_ALLOWED_USERS in env-only WeCom DM allowlist 2026-06-01 19:20:36 -07:00
wecom_callback.py chore(wecom): make defusedxml dep acquireable and tolerant of absence 2026-05-25 23:30:43 -07:00
wecom_crypto.py
weixin.py fix(weixin): replace aiohttp ClientTimeout with asyncio.wait_for in _api_post/_api_get 2026-06-01 17:31:40 -07:00
whatsapp.py fix(whatsapp): honor dm_policy and group_policy open at the gateway 2026-06-01 19:51:21 -07:00
yuanbao.py fix(gateway): trust adapter-owned access policy over env default-deny (#34515) 2026-05-29 04:22:41 -07:00
yuanbao_media.py
yuanbao_proto.py
yuanbao_sticker.py